Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2022-0811

Description

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.

POC

Reference

No PoCs from references.

Github

- https://github.com/43622283/awesome-cloud-native-security

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Ahmed-U-Github/500-k8-prod-issue

- https://github.com/Aimona/k8s-500-prod-issues

- https://github.com/Aleemohammed/500K8S-Scenarios

- https://github.com/Balaram-kishore/K8s-senarios---realtime

- https://github.com/Deep2631/500-Prod-realtime-kubernetes-issues

- https://github.com/LouisLiuNova/container-escape-exploits

- https://github.com/Metarget/awesome-cloud-native-security

- https://github.com/Metarget/metarget

- https://github.com/Mnk1947/Kubernetes-realtime

- https://github.com/NaInSec/CVE-PoC-in-GitHub

- https://github.com/SYRTI/POC_to_review

- https://github.com/Sudarsan123/k8s-500-prod-issues

- https://github.com/WhooAmii/POC_to_review

- https://github.com/abhishekg2244/KubernetesDetails

- https://github.com/adavarski/HomeLab-Proxmox-k8s-DevSecOps-playground

- https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground

- https://github.com/bhaskar-9624/k8s-500-prod-issues

- https://github.com/caxsolindia/checklists

- https://github.com/dileepreddybandari/test

- https://github.com/gaurangshah1/K8S-Prod-issues

- https://github.com/h4ckm310n/Container-Vulnerability-Exploit

- https://github.com/iamrikie/k8s-500-prod-issues

- https://github.com/iridium-soda/container-escape-exploits

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/kajogo777/kubernetes-misconfigured

- https://github.com/karimhabush/cyberowl

- https://github.com/ksivaprakash5/KubernetesK8S-Issues

- https://github.com/madhubitvs/ecs_fargate

- https://github.com/manas3c/CVE-POC

- https://github.com/mdhazratali36/k8s-500-prod-issues

- https://github.com/mrandersono/k8s_problems

- https://github.com/mrudhulk/K8S-500-Prod-Issues

- https://github.com/nikhilnischal/k8s-500-production-issues

- https://github.com/nnsutebu/K8S-prod-workbook

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/raymondogbe/EKS_PROD_ISSUE

- https://github.com/rewanthtammana/container-and-kubernetes-security-workshop

- https://github.com/riyanuddin17/k8s-500-prod-issues

- https://github.com/rmacha-debug/k8s

- https://github.com/soosmile/POC

- https://github.com/spiarh/webhook-cve-2022-0811

- https://github.com/suman2mark/k8s-prodisssues

- https://github.com/teamaoctopdog/Kubernetes

- https://github.com/trhacknon/Pocingit

- https://github.com/turbra/ocp-cr8escape

- https://github.com/usamaelshazly/k8s-troubleshooting

- https://github.com/vijay2181/k8s-500-prod-issues

- https://github.com/whoforget/CVE-POC

- https://github.com/youwizard/CVE-POC

- https://github.com/zecool/cve

- https://github.com/zibusiso-ndlovu/k8s-production-issues